Lumension® Endpoint Intelligence Center

Intelligence Center » Browse All Vulnerabilities » CVE-2015-0525

Overview

Vulnerability Score 7.5 7.5
CVE Id CVE-2015-0525
Last Modified 10 Sep 2015 12:05:21
Published 12 Mar 2015 06:59:04
Confidentiality Impact PARTIAL PARTIAL
Integrity Impact PARTIAL PARTIAL
Availability Impact PARTIAL PARTIAL
Access Vector NETWORK
Access Complexity LOW
Authentication NONE

CVE-2015-0525

Summary

The Gateway Provisioning service in EMC Secure Remote Services Virtual Edition (ESRS VE) 3.02 and 3.03 allows remote attackers to execute arbitrary OS commands via unspecified vectors.

Vulnerable Systems

Application

  • Emc Secure Remote Services 3.02

  • Emc Secure Remote Services 3.03


References

BUGTRAQ - 20150310 ESA-2015-040: EMC Secure Remote Services Virtual Edition Security Update for Multiple Vulnerabilities

MISC - http://packetstormsecurity.com/files/130768/EMC-Secure-Remote-Services-GHOST-SQL-Injection-Command-Injection.html

MISC - https://www.securify.nl/advisory/SFY20141112/command_injection_vulnerability_in_emc_secure_remote_services_virtual_edition.html

BUGTRAQ - 20150318 Command injection vulnerability in EMC Secure Remote Services Virtual Edition


Last Updated: 27 May 2016 11:08:11